Security measures are increasingly needed to protect sensitive data and facilities. Only authentic users should have access to such data and facilities. However, simple passwords or even magnetic type security cards that have conventionally been used to authenticate users can be lost, stolen or duplicated. In such cases the missing or duplicated security cards or passwords allows a thief access to secure areas.
In addition to providing security, a security method and apparatus must be relatively simple and easy to use and administer. For example, armed guards can protect stored data and facilities containing such data, but it is impossible to have armed personnel protect all important data and secure facilities. Even if sufficient personnel were available, the question still remains: how can a guard know who should have access?
Today, businesses generally deploy networks, such as local area networks (LANs) or wide area networks (WANs) in order to make valuable information and resources available immediately to trusted employees. Computer networks are thus very powerful and enable employees to work efficiently together. However, the power and convenience of computer networks also makes theft of information easier to accomplish.
In U.S. Pat. No. 6,256,737, it is proposed to implement one or more biometric devices associated with a client computer to read biometric(s) of a user and control access to a computer network. The patent, however, performs authentication and grants access to the network based solely on biometrics of a user and fixed confidence thresholds.
Accordingly, there is a need for security measures that are not easily susceptible to theft and duplication. There is a further need for security measures for accessing computers and computer networks that may be implemented securely and conveniently within an organization. There is still a further need for security measures that are capable of providing variations in authentication procedures based on events that comprise security risks.